3 Answers
3

Another method to the ones described above would be ID-based encryption where a trusted third party, called the Private Key Generator (PKG), generates the corresponding private key based on the user's identity (whether it be domain name or email address).

Given the master public key, any party can compute a public key corresponding to the identity ID by combining the master public key with the identity value. To obtain a corresponding private key, the party authorized to use the identity ID contacts the PKG, which uses the master private key to generate the private key for identity ID. If only part of the master private key is used to generate the corresponding private key, then the PKG can generate two private keys by using different parts of the master key. That way, the user will have one private key, and management the other.

Whether or not this is secure depends on how much you trust the third party PKG.

Disclaimer: I don't know if this is really done as I write here, these are just some guesses.

One idea would be that in a file header the actual key used for encryption (the "session key") is encrypted with both the employees passphrase and the IT admin's passphrase (in parallel). Then it is enough to know one of the passphrases to decrypt the whole document.

Of course, this is easier to do if this key encryption (at least the admin part) is done with asymmetrical algorithms (like RSA) (since otherwise the employee, or at least the encryption software, would need the admin's passphrase). So we encrypt the session key with the admin's public key, and the admin then can decrypt it with his own private key, if needed.

Similar things are done when you send a PGP-encrypted email to several recipients.